
IoT Security
Advances in Authentication
Wiley-Blackwell (Publisher)
1st Edition
Will be published approx. on 10. January 2020
Book
Hardback
320 pages
978-1-119-52792-3 (ISBN)
Description
The Internet of Things (IoT) is the network of physical devices such as vehicles, home appliances, sensors, actuators and other electronic devices. The development of the internet offers the possibility for these objects to connect and exchange data. Since IoT will play a major role in our lives, it is important to secure the IoT ecosystem for its value to be realized. Among the various security requirements, authentication to the IoT is important, since it is the first step in preventing the impact of attackers. The book offers an insight into the development of various authentication mechanisms to provide IoT authentication at various levels, such as user level, device level and network level. User-level authentication identifies whether the IoT user is a legitimate user to access the smart object services and what kind of authentication mechanisms can be used. Network-level authentication is needed to check the identity of connected IoT devices. This book, therefore, offers reference material which will be important for all relevant stakeholders of mobile networks, such as network operators, cloud operators, IoT device manufacturers, IoT device users, wireless users, IoT standardization organizations and security solution developers.
More details
Language
English
Place of publication
Hoboken
United States
Publishing group
John Wiley and Sons Ltd
Target group
Professional and scholarly
Dimensions
Height: 251 mm
Width: 177 mm
Thickness: 22 mm
Weight
700 gr
ISBN-13
978-1-119-52792-3 (9781119527923)
Schweitzer Classification
Other editions
Additional editions

E-Book
12/2019
1st Edition
Wiley-ISTE
€120.99
Available for download

Content
Preface
Acknowledgments
Part I: IoT Overview
Chapter 1: Introduction to IoT
1. Introduction
1.1. Evolution of IoT
2. IoT Architecture and Taxonomy
3. Standardization Efforts
4. IoT Applications
4.1. Smart Home
4.2. Smart City
4.3. Smart Energy
4.4. Healthcare
4.5. IoT Automotive
4.6. Gaming, AR and VR
4.7. Retail
4.8. Wearable
4.9. Smart Agriculture
4.10. Industrial Internet
4.11. Tactile Internet
5. Conclusion
Chapter 2: Introduction to IoT Security
1. Introduction
2. Attacks and Countermeasures
2.1. Perception Layer
2.2. Network Layer
2.3. Application Layer
3. Authentication and Authorization
3.1. Authentication
3.2. Authorization
3.3. Authentication at IoT Layers
4. Other Security Features and Related Issues
4.1. The Simplified Layer Structure
4.2. The Idea of Middleware
4.3. Cross-Layer Security Problem
4.4. Privacy
4.5. Risk Mitigation
5. Discussion
Part II: IoT Network and Communication Authentication
Chapter 3: Symmetric Key Based Authentication with an Application to Wireless Sensor Networks
1. Introduction
2. Related Work
3. System Model and Assumptions
3.1. Design goals
3.2. Setting
3.3. Notations
3.4. Attack model
4. Scheme in normal mode
4.1. Installation phase
4.2. Group node key
4.3. Individual cluster key
4.4. Pairwise key derivation
4.5. Multicast key
4.6. Group cluster key
5. Authentication
6. Scheme in change mode
6.1. Capture of CN
6.2. Capture of CH
6.3. Changes for honest nodes
7. Security analysis
7.1. Resistance against impersonation attack
7.2. Resistance against node capture
7.3. Resistance against replay attacks
8. Efficiency
8.1. Number of communication phases
8.2. Storage requirements
8.3. Packet fragmentation
9. Conclusions
Chapter 4: Public Key Based Protocols - EC Crypto
1. Introduction to ECC
1.1. Notations
1.2. ECC for authentication and key management
2. ECC based Implicit Certificates
2.1. Authentication and key management using ECC implicit certificates
3. ECC based signcryption
3.1. Security features
3.2. Scheme
4. ECC based group communication
4.1. Background and assumptions
4.2. Scheme
5. Implementation aspects
6. Discussion
Chapter 5: Lattice-Based Cryptography and Internet of Things
1. Introduction
1.1. Organization
2. Lattice-Based Cryptography
2.1. Notations
2.2. Preliminaries
2.3. Computational Problems
2.4. State-of-the-Art
3. Lattice-Based Primitives
3.1. One-way and collision-resistant hash functions
3.2. Passively secure encryption
3.3. Actively secure encryption
3.4. Trapdoor functions
3.5. Gadget trapdoor
3.6. Digital signatures without trapdoors
3.7. Pseudorandom functions (PRF)
3.8. Homomorphic Encryption
3.9. Identity-Based Encryption (IBE)
3.10. Attribute-Based Encryption
4. Lattice-Based Cryptography for IoT
5. Conclusion
Part III: IoT User Level Authentication
Chapter 6: Efficient and Anonymous Mutual Authentication Protocol in Multi-Access Edge Computing (MEC) Environments
1. Introduction
2. Related work
3. Network model and adversary model
4. Proposed Scheme
4.1. System setup for the edge nodes registration at the registration center
4.2. User registration phase
4.3. Login and user authentication phase
4.4. Password update phase
5. Security and Performance evaluation
5.1. Informal security analysis
5.2. Performance analysis
6. Conclusion
Chapter 7: Biometric-Based Robust Access Control Model for Industrial Internet of Things Applications
1. Introduction
2. Related work
3. Network model, threat model and security requirements
3.1. Network model
3.2. Threat model
3.3. Security goals
4. Proposed Access Control Model in IIoT
4.1. System setup
4.2. Authentication and key establishment
5. Security and performance evaluations
5.1. Informal security analysis
5.2. Performance analysis
6. Conclusions
Chapter 8: Gadget Free Authentication
1. Introduction to Gadget Free World
2. Introduction to Biometrics
3. Gadget Free Authentication
4. Preliminary aspects
4.1. Security Requirements
4.2. Setting
4.3. Notations
5. The system
5.1. Registration phase
5.2. Installation phase
5.3. Request phase
5.4. Answer phase
5.5. Update phase
6. Security analysis
6.1. Accountability
6.2. Replay attacks
6.3. Insider attacks
6.4. HW/SW attacks
6.5. Identity privacy
7. Performance Analysis
7.1. Timing for cryptographic/computational operation
7.2. Communication cost
8. Conclusions
Chapter 9: WebMaDa 2.1 - A Web-Based Framework for Handling User Requests Automatically and Addressing Data Control in Parallel
1. IoT-related Concerns
2. Design Decisions
3. WebMaDa's History
4. WebMaDa 2.1
4.1. Email Notifications
4.2. Data Control Support
5. Implementation
5.1. Mailing Functionality
5.2. Logging Functionality
5.3. Filtering Functionality
6. Proof of Operability
6.1. Automated Request Handling
6.2. Filtering Functionality Using Logging Solution
7. Summary and Conclusions
Part IV: IoT Device Level Authentication
Chapter 10: PUF Based Authentication and Key Exchange for Internet of Things
1. Introduction
2. Related Work
2.1. Key Agreement from IoT Device to Server
2.2. Key Agreement between Two IoT Devices
3. Preliminaries
3.1. System Architecture
3.2. Assumptions
3.3. Attack model
3.4. Cryptographic Operations
4. Proposed system
4.1. Registration phase
4.2. Security Association phase
4.3. Authentication and Key Agreement Phase
5. Security Evaluation
6. Performance
6.1. Computational Cost
6.2. Communication Cost
7. Conclusions
Chapter 11: Hardware Based Encryption via Generalized Synchronization of Complex Networks
1. Introduction
2. System scheme: Synchronization without correlation
2.1. The Delay-Filter-Permute block
2.2. Steady-state dynamics of the DFP
2.3. DFP bitstream generation
2.4. Sensitivity to changes in the permutation table
3. The chaotic followers
3.1. The Permute-Filter block
3.2. Brute force attack
3.3. PF bitstream generation
4. The complete system
4.1. Image encryption example
4.2. Usage for authentication
5. Conclusions and outlook
Part V: IoT Use cases and Implementations
Chapter 12: IoT Use Cases and Implementations: Healthcare
1. Introduction
2. Remote patient monitoring architecture
3. Security related to eHealth
3.1. IoT authentication
4. Remote patient monitoring security
4.1. Mobile Application Security
4.2. Communication Security
4.3. Data Integrity
4.4. Cloud Security
4.5. Audit Logs
4.6. Intrusion detection module
4.7. Authentication architecture
4.8. Attacks on remote patient monitoring platform
5. Conclusion
Chapter 13: Secure and Efficient Privacy-Preserving Scheme in Connected Smart Grid Networks
1. Introduction
2. Preliminaries
2.1. System model
2.2. Security requirements
2.3. Cryptographic operations and notations
3. Proposed Scheme
3.1. Initialisation phase
3.2. Smart meter registration phase
3.3. Secure Communication between smart meter and aggregator
4. Security Analysis
4.1. Formal proof
4.2. Informal discussion
5. Performance Analysis
5.1. Computation costs
5.2. Communication costs
6. Conclusions
Chapter 14: Blockchain-Based Cyber Physical Trust Systems
1. Introduction
2. Related work
3. Overview of use-cases and security goals
4. Proposed Approach
5. Evaluation results
5.1. Security features
5.2. Testbed results
6. Conclusion
Index